Free ransomware help for healthcare providers during the coronavirus outbreak

Free ransomware help for healthcare providers during Coronavirus outbreak

As hospitals around the world struggle to respond to the COVID-19 crisis, ransomware presents a serious risk to their ability to provide urgent care are to the critically ill. In 2019, at least 764 healthcare providers were impacted by ransomware. Without a global pandemic, a ransomware attack on a critical care facility can cause grave danger to patients. With COVID-19, a ransomware attack on an overwhelmed hospital could tip the balance and result in a significant loss of life.

We’re here to help

In partnership with incident response company Coveware, we will be offering completely free help to critical care hospitals and other healthcare providers that are on the front lines of COVID-19 and have been impacted by ransomware. Subject to our own capacity, we aim to provide this service for the duration of the crisis to healthcare providers anywhere in the world.

The services offered will include:

Ransomware attacks are likely to spike in the coming weeks

Ransomware has a seasonal aspect with the number of incidents spiking during the spring and the summer months.

Number of ransomware by month and year

Chart based on our data plus data from EPSRC EMPHASIS Ransomware Project

Whether these spikes are due to increases in the number of attacks or organizations being more susceptible to attacks at certain times of year is not clear. However, in either case, it is likely that there will be an increase in the number of healthcare providers impacted by ransomware in the coming months and, unfortunately, this increase may coincide with the peak of the COVID-19 outbreak. Further, the spikes may be more pronounced than in previous years due to security weaknesses resulting from hastily introduced work-from-home arrangements, personal device usage and staffing shortages.

In short, we may be looking at a near-perfect storm in which healthcare providers are disrupted at the very time they are needed the most.

A note to ransomware groups

While we will never condone criminal behavior, we understand why financially motivated cybercrime exists. We also know you are humans, and that your own family and loved ones may find themselves in need of urgent medical care. Make no mistake, an attack on a healthcare organization will have negative outcomes and may result in the loss of life. We ask for your empathy and cooperation. Please do not target healthcare providers during the coming months and, if you target one unintentionally, please provide them with the decryption key at no cost as soon as you possibly can. We’re all in this together, right?

A note to security companies and professionals

Got expertise? Got some free time? Willing to assist with this initiative? Shoot us an email at [email protected]. We’d love your help.

A note to other organizations that may be affected by ransomware during these trying times

It breaks our hearts not to be able to extend a helping hand to everyone. We are all in the same boat together. Our priority at this time is to ensure we have the capacity to assist the healthcare organizations helping save the lives of COVID-19 patients. If we find the capacity to extend this offer to other industries, we will update this post and provide further guidance. Until then, please hunker down and stay safe.

Emsisoft Malware Lab

Emsisoft Malware Lab

The Lab team is a group of cybersecurity researchers whose mission is to enhance protection in Emsisoft products, help organizations respond to security incidents and create analysis that helps decision-makers understand the threat landscape.

What to read next